Hacking GCP For Fun by Agnibha Dutta.pdf
0 likes110 views
The document provides an overview of Google Cloud Platform (GCP), highlighting its services for application management, data storage, and analysis. It discusses key features like granular permissions, centralized management, and identity and access management (IAM) to enhance security. Additionally, it covers common misconfigurations in GCP, such as public exposure of storage buckets and IAM policies.
Hacking GCP For Fun by Agnibha Dutta.pdf
- 1. HACKING GCP FOR FUN & PROFIT
- 2. Security Engineer at BugBase Pursuing MBBS Part-time Bug bounty hunter CyberSecurity Trainer & Mentor eJPT, CRTP Successfully Hacked and Secured 150+ companies AGNIBHA DUTTA Y0GI aka WHOAMI?
- 3. Cloud Providers in Market
- 4. Introduction to Google Cloud Platform GCP (Google Cloud Platform) is a suite of cloud computing services provided by Google. It offers a wide range of services and tools for building, deploying, and managing applications, as well as for storing and analyzing data. GCP enables businesses, developers, and organizations to use Google's infrastructure and resources for scalable and reliable cloud solutions.
- 5. Granular Permissions: Assign specific permissions to different users for various resources, enabling precise access control and enhancing security within the GCP environment. Centralized Management: Simplifies the administration of user permissions and access policies across all GCP resources from a single platform, improving efficiency and compliance. Identity and Access Management (IAM) in GCP allows administrators to control who has access to cloud resources, ensuring secure and precise management of permissions. GCP IAM Basics
- 6. COMPUTE ENGINE Virtual Machine Instances: Compute Engine provides scalable, high-performance (VM) instances that can be customized to meet various requirements. Integration with GCP Services: Seamlessly integrates with other GCP services such as Cloud Storage, BigQuery, and Kubernetes Engine, enabling comprehensive solutions for various computing needs. Service Account Integration: Compute Engine allows users to attach service accounts to VM instances, granting them access to other Google Cloud services without requiring explicit authentication, enhancing automation and seamless integration within GCP environments.
- 7. GCP STORAGE BUCKET Storage Bucket is something similar to AWS S3 bucket and allows you to store files Sometimes buckets can be misconfigured and be publicly exposed.
- 8. Let’s look at some Misconfigs !
- 9. GCP MISCONFIG Adding principles like ‘allUsers’ or ‘allAuthenticatedUsers’ Misconfigured GCP Bucket Policy and Publicaly exposed
- 10. SSRF in GCP
- 12. IAM misconfig in GCP
- 16. THANK YOU